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1.  Introduction 


The  Software  Technology  for  Adaptable  Reliable  Systems  (STARS)  has  contracted  for  the 
operation  of  a  repositoiy  of  ^  deliverable  software  and  technical  reports.  The  repository  also 
operates  as  medium  of  interchange  between  the  pr '  contractors,  the  subcontractors,  the 
consultants,  and  the  contracting  agency.  Electronic  mail  is  interchanged,  other  electronic 
documents  are  shared,  software  is  developed,  and  software  is  shared  and  reused  by  the  STARS 
contract  participants  with  the  STARS  repository  computer. 

Thus  the  repository  acts  as  a  focal  point  of  the  STARS  program  which  facilitates  many  of 
the  activities  of  the  program.  The  IBM  Team  STARS  repository  has  been  operated  for  14 
months,  during  which  time  the  repositoiy  itself  has  grown  and  matured  from  a  simple  electronic 
file  storage  medium  to  a  relation^  database  of  reusable  software  components.  The  maturation  of 
the  repositoty  continues,  but  is  dependent  on  the  reliable  operation  of  the  STARS  computer.  This 
report  describes  the  operation  of  the  STARS  repository  computer  and  describes  the  basis  for  the 
policies  under  which  it  operates. 
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2.  The  Repository  Computer  System 


2.1  Hardware 

2.1.1  Central  Processor 

TTie  Repository  computer  system  is  a  Digital  Equipment  Corporation  (DEC)  microVAX 
model  3600  with  32  megabytes  of  main  memory.  Tlie  VAX  line  of  computers  from  DEC  offers 
extended  virtual  memory  addressing  and  software  compatibility  across  a  wide  performance  range 
of  CPU  platforms  from  approximately  one  MIPS  up  to  30  MIPS.  The  VAX  central  processing 
unit  is  a  comjjlex  instmctions  set  computer  (CISC)  architecture,  as  opposed  to  reduced 
iiistmction  set  computer.  The  model  36()0  is  rated  at  2.7  MIPS,  it  may  be  upgraded  to  a 
performance  level  of  3.8  MIPS  with  a  change  of  CPU  boards. 

2.1.2  Disk  Storage 

The  repository  computer  is  equipped  with  four  DEC  RA82  disk  drives,  each  of  625 
megabyte  capacity.  One  RA82  is  used  exclusively  for  the  operating  system  and  its  software 
support.  This  disk  also  contains  the  page  and  swap  files  used  by  the  virtual  memory  operation  of 
the  machine.  The  compilers,  debuggers,  editors,  database,  and  documentation  software  reside  on 
this  disk. 

A  separate  RA82  is  used  to  house  the  user  files  and  working  storage  for  software 
development.  Each  user  is  allocated  a  unique  working  area  for  their  own  files.  A  task  area,  such 
as  IR40,  may  also  be  allocated  a  unique  working  area  on  this  disk  for  the  files  and  programs 
associated  with  the  task. 

The  remaining  two  RA82  disk  drives  are  used  to  house  the  Ada  software  repository.  The 
two  physically  separate  disk  drives  have  been  bound  as  one  volume  set  giving  the  repository  the 
equivalent  capacity  of  a  single  1.25  Gigabyte  disk  drive.  Wlien  this  capacity  is  exhausted 
additional  disk  drives  can  be  bound  into  the  multi-volume  set;  however,  a  better  alternative 
might  be  to  logically  divide  the  repository  into  multiple  volumes  divided  by  content. 

The  Ada  software  repository  is  represented  by  both  a  database  and  a  hierarchical  directory 
of  the  collected  Ada  source  code  and  deliverables  from  the  STARS  program  and  other  sources. 
Thus  there  are  two  views  of  the  repository,  an  organized  view  represented  by  the  database  and 
the  collection  of  files  represented  by  the  directory  tree.  'Hie  database  view  provides  for  imposing 
organization  and  reuse  technology  to  the  collected  raw  materials. 

2.1.3  Communication 

The  only  serial  communication  device  connected  to  the  VAX  3600  is  the  console  teiminal 
used  for  system  control.  All  serial  devices  such  as  user  temiinals,  modems,  and  printers  are 
connected  to  the  VAX  3600  via  a  DECServer  500  terminal  server.  The  DECServer  is  a  computer 
and  communication  interface  system  which  concentrates  the  serial  data  and  communicates  to  the 
VAX  3600  via  an  Ethernet  local  area  network  (LAN).  The  DECserver  is  programmed  upon 
startup  by  one  of  the  computers  in  the  VAX  cluster  to  which  it  is  connected.  The  programming 
configures  the  DECServer  ports  and  sets  preferred  services  for  each  port.  ITie  ports  which  are 
connected  to  the  ST’ARS  modems  have  a  preferred  service  to  connect  to  the  STARS  computer. 

The  modems  for  the  STARS  system  are  ail  supplied  by  Multitech.  There  are  eighteen  2400 
baud  MNP  level  5.0  modem  cards  in  two  Multitech  CC216  Modem  Rack  chassis.  These  modems 
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are  available  by  dialing  (813)791-7222,  the  pilot  number  for  the  eighteen  line  rotary  connection. 
The  STARS  computer  can  also  be  reached  by  dialing  1-800-STARS10  (1-800-782-7710). 
Additionally,  there  are  two  Multitech  V.32  modems  capable  of  dial-up  speeds  to  9600  baud. 
These  two  modems  are  operated  in  place  of  two  of  the  2400  baud  modems,  they  are  accessed  by 
the  phone  numbers  (813)791-0535  and  (813)7'  1-9530,  the  highest  two  numbers  on  the  eighteen 
line  rotary. 

STARS  users  may  dial  (813)791-9437  for  assistance  with  accounts,  logging  onto  the 
computer,  or  for  help  in  locating  products. 

The  STARS  computer  local  Ethernet  is  bridged  to  an  Ethernet  at  IBM  in  Gaithersburg, 
Maryland  using  a  leased  telephone  line  and  high  speed  modem.  Each  end  of  the  bridge  uses  a 
Paradyne  Challenger  19200  modem  and  Advanced  Computer  Communications  ACS4030 
Ethernet  bridge  interface. 

2.1.4  Peripherals 

The  STARS  VAX  3600  also  has  a  DEC  model  TU81-Plus  9-track  industry  compatible  tape 
drive  capable  of  1600  bpi  and  6250  bpi  operation,  a  DEC  LN03R  Postscript  Laser  printer,  and  a 
DEC  proprietary  canridge  tape  unit  for  loading  software  called  a  T1C70.  The  TU81-Plus  is  used 
for  backup  and  file  exchange  with  the  other  prime  contractors. 

^  f. 

oonwai^5 

The  STARS  computer  runs  under  DEC’S  proprietary  operating  system,  VMS.  VMS 
supports  asynchronous  terminals  and  workstations  operating  as  VAX  Cluster  members,  there  are 
no  workstations  supported  by  the  STARS  computer  at  this  time.  VAXAT^iS  offers  a  number  of 
features  that  make  it  suitable  for  use  as  a  repository:  account  management  is  straightforward, 
there  are  a  large  number  of  commercial  products  available  for  VAX/VMS,  it  is  compatible  with  a 
wide  range  of  communication  products,  and  it  is  easy  to  work  with  for  a  large  number  of  users  as 
many  of  its  commands  are  similar  to  those  found  on  PCs. 

2.2.1  Commercial  Off  the  Shelf  Software  (COTS) 

The  STARS  computer  is  currently  licensed  for  the  following  products: 
o  VAX  VMS  o^Teraung  system  for  up  to  40  users, 
o  DEC  VAX  Ada  compiler,  version  i  .5, 
o  DEC  VAX  Configuration  Management  System, 
o  DEC  VAX  Language  Sensitive  Editor, 
o  DECVAXNotes, 

o  Oracle  Corporation  Relational  Database  Management  System, 
o  Dynamics  Research  Coi3X)ration  AdaMAT. 


2.2.2  Ada  Software  Tools 

Tne  following  products  are  compiled  versions  of  software  developed  in  Ada  as  part  of 
various  STARS  contracts.  Source  code  is  available  in  the  repository  for  these  products: 

o  Browser  (file  browser) 
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o  CAS  (Count  Ada  Statements) 
o  Check_Standaids 

o  COCOMO  (Constructive  COst  MOdel) 
o  Compile_Order 
0  Eat_Tab 
o  Page 
o  Pretty_Print 
o  SE  (STARS  Editor) 

o  SGML  (Standard  Generalized  Markup  Language,  ISO  8879: 1 986) 
o  Statement__Profile 
o  Unpage 


2.3  System  Availability 


The  system  is  considered  available  when  a  local  or  remote  user  may  logon  to  the  computer 
and  perform  repositorj’  activities.  The  system  is  considered  to  be  "down"  at  all  other  times  for 
any  reason,  including  routine  maintenance  and  backup.  The  STARS  computer  should  be 
available  ai  least  98%  of  Uic  iiiiic,  tliiS  allows  foi  iiO  i'liOic  iiiai'i  14.G  hours  downUmc  per  month 
on  a  yearly  average. 


2.4  Response  Time 

With  the  exception  of  commands  that  invoke  time  consuming  activities,  STARS  users  see 
little  or  no  delay  in  the  computers  response  to  their  commands.  The  actual  response  time  to 
commands  has  not  been  objectively  measured;  however,  subjective  measurement  generally 
indicates  that  the  STARS  computer  is  performing  well.  There  are  times  when  response  is 
noticeably  longer  than  desired,  primarily  due  to  heavy  program  development  or  database  activity. 
Should  this  become  a  problem  there  are  several  solutions:  operating  system  tuning  or  the 

inetallatinn  nf  a  facfpr  PPI I  hnarri  Tiinincr  the  nnprafinp  svsU'in  inav  inrliirie  ariiiistmenf  of 

•  W...  -W  -  —  ...  .  - ^  - ^  -  - - -  - ^ . ^ 

system  parameters  or  the  purchase  of  additional  software,  such  as  a  disk  file  defragmentation 
product  to  improve  performance.  Tliere  is  no  evidence  that  a  performance  problem  currently 
exists. 


CDRL  1440 


3.  STARS  Users 


Tlie  STARS  computer  system  serves  the  STARS  community  of  prime  contractors, 
subcontractors,  and  consultants.  Only  persons  directly  involved  with  the  STARS  program  may 
have  access  to  the  STARS  computer  and  only  for  work  directly  in  support  of  STARS.  Software 
and  files  available  on  the  STARS  computer  are  for  support  of  the  STARS  program  and  may  not 
be  used  on  any  program  without  permission  fiom  the  program  office.  Autliorized  STARS  users 
are  not  charged  for  access  to  the  computer,  use  of  the  computer  is  an  expense  covered  by  task 
IRIO. 

There  is  no  typical  STARS  user.  Many  have  little  experience  with  DEC  VAX  computers, 
but  are  very  experienced  PC  users.  Others  are  experienced  with  UNIX  in  a  workstation 
environment,  but  have  little  PC  or  VAX  experience.  Others  are  experienced  on  a  number  of 
different  platforms  and  have  little  difficulty  with  the  VAXATVIS  operating  system. 


The  importance  of  the  user  profile  caimot  be  understated.  The  goal  of  repository  operation 
is  to  design  and  provide  a  system  which  can  be  understood,  used,  and  accessed  by  an  average 
user  while  at  the  same  time  encouraging  the  advanced  user  to  utilize  the  full  suite  of  available 
software  development  tools  and  facilities.  The  typical  user  profile  to  which  the  STARS 
repository  is  targeted  is; 

o  Using  a  PC  with  a  VI  100  terminal  emulator  package  such  as  PROCOMM, 

■tl  -  -  -  1  ^  A  4  AA  1 _ I  — 

u  nttd  a  L^yjxj  ui  e^'auu  iiivucm, 

o  Prefers  a  menu  access  to  the  repository  database  over  VMS  commands,  and 

o  Is  more  interested  in  the  ST ARS  product®  than  software  development. 


Given  this  user  profile  it  is  important  that  developers  be  sensitive  to  the  limitations  this  imposes 
on  software  developed  for  repository  access.  One  of  the  more  important  limitations  is  the  lack  of 
graphics  or  user  interface  devices  other  than  the  keyboard  and  a  character  display.  VAX/VMS 
can  support  a  mmiber  of  different  terminal  types,  among  which  VTIOO  is  the  common 
denominator  with  the  widest  support  by  PC  based  terminal  emulators;  however,  VTIOO  support 
does  not  provide  for  more  than  four  special  function  keys,  a  problem  when  converting  software 
from  the  PC  environment  to  the  VAX  environment.  Users  may  report  problems  with  their 
equipment  as  problems  with  the  STARS  computer  or  they  may  have  misunderstanding  on  the 
differences  between  operation  of  programs  under  VAX/VMS  compared  to  MS-DOS. 


Tire  menus  and  tools  provided  to  users  need  to  be  consistent  with  the  use  they  expect  of  the 
repository.  Seme  of  the  uses  for  the  repository  are: 

o  Peer  review  of  contract  deuverables, 
o  Search  for  reusable  components, 
o  Access  to  development  tools,  and 
o  Electronic  mail  to  other  users. 


Since  users  are  typically  accessing  the  system  by  dial-up  phone  lines  and  at  1200  or  2400  baud, 
the  time  required  to  display  full  screen  forms  can  be  tedious. 


Users  will  want  to  customize  their  access  to  the  repository  system.  Such  customization  is 
easily  performed  by  those  experienced  witli  VAXA^S.  For  the  novice  user  of  VAXA^S,  the 
command  structure  is  rather  obscure  and  arcane.  Manuals,  such  as  "Introduction  to  VAX/VMS" 
by  DEC,  are  not  readily  available  to  remote  users.  A  user  guide  for  the  repository  is  in 
preparation  and  will  become  a  routine  distribution  to  all  repository  useis. 
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For  reviewing  text  files,  users  need  an  easy  to  work  with  text  editor  that  handles  the 
minimal  needs  for  examining  files.  The  Boeing  repository  provides  user  selectable  access  to  a 
variety  of  editors  as  one  means  of  customization.  This  approach  has  some  advantages;  however, 
the  typical  user  may  not  have  a  reason  to  prefer  TPU,  EDT,  VI,  or  EMACS  if  they  have  no 
experience  with  any  of  them.  The  IBM  Team  repository  instead  standardizes  on  a  file  editor 
known  as  the  File  Browser,  a  derivation  of  the  STARS  Foundation  Text  Editor  prepared  for  the 
Naval  Research  Laboratory  under  contract  N00014-87-C-2386.  Tliis  approaci  allows  for 
smoother  integration  of  the  edit  function  into  the  other  software  products,  but  imposes  a  choice 
upon  users.  Such  decisions  and  trade-offs  are  common  in  repository  design. 

Each  user  is  provided  with  a  unique  working  area  for  files  they  create  and  use.  Such  an  area 
is  a  directojy  on  the  user  disk,  known  by  the  logical  name  DISKSUSER:.  The  name  of  the  user’s 
directory  is  the  same  as  their  username.  On  the  STARS  computer  each  user  has  access  to  as 
much  storage  area  as  they  need,  up  to  the  space  remaining  on  the  disk  assigned  to  users. 
V AX/VMS  allows  disk  quotas  to  be  estabhshed  to  regulate  the  amount  of  disk  space  a  user  may 
consume.  Disk  quotas  will  be  enabled  on  the  user  di^  when  there  is  insufficient  space  to  allow 
users  unlimited  access. 
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4.  Security 


4.1  User  Access 


Systems  accessible  from  dial-up  phone  lines  are  vulnerable  to  penetration  by  hackers.  Tlie 
primary  defense  against  unauthorired  access  is  the  combination  of  usernames  and  passwords 
assigned  to  each  user.  Users  not  famiUar  with  password  protection  schemes  may  select 
passwords  that  are  easy  to  break,  such  as  their  username  or  a  simple  first  name. 


VAXA^S  offers  a  number  of  features  that  facilitate  the  management  of  users  and 
passwords.  Under  VMS,  system  managers  can  change  passwords  for  users;  however,  they  may 
not  determine  a  user's  password.  The  program  used  to  manage  user  accounts  is  called 
AUFHORIZE.  The  AIJHIORIZE  program  has  a  number  of  parameters  that  control  user 
passwords,  these  parameters  are  explained  and  typical  values  are  shown  below. 

o  minimum  length  (PWDMINIMUM=6  characters), 
o  lifetime  (PWDLIFETIME-90  days),  and 
o  expiration  date  (PWDEXPIRES). 

VMS  also  maintains  information  on  the  last  login  and  the  .ber  of  logins  failures  by  a  user. 
Tire  follow'ing  is  an  account  profile  for  the  system  manager; 


Username 
Account : 
CLI : 

Default : 
LGICMD: 


KUTOROf E 

SIARS 

DCL 

DISK$USER: [KUTOROFF] 
LOGIN 


Owner:  STEVE  KUTOROFF 

UIC:  [100,26]  ( [SAIC, KUTOROFF] ) 

Tables:  DCLTAELES 


Login  Flags : 

Primary  days :  Mon  Tue  Wed  Thu  Fri 

Secondary  days:  Sat  Sun 

No  access  restrictions 

Expiration:  (none)  Pwdminimum;  8  Login  Fails:  0 

Pwdlifetime:  30  00:00  Fwdehange;  25-OCT-1989  08:13 

Last  Login:  ir)-NOV-1989  09:5b  ( interactiv,)  ,  19-OCT-1989  11:17 


Max jobs : 

0 

Fillm: 

100 

Bytlm: 

20480 

Maxacct  jobs : 

0 

Shrf illm: 

0 

Pbytlm: 

0 

Maxdetach : 

0 

BlOlra: 

18 

JTquota ■ 

1024 

Prolin: 

10 

DIOlm: 

18 

WSdef : 

1024 

Prio : 

A 

ASTlm: 

24 

WSquo : 

2048 

Queprio : 

0 

TQElm: 

10 

WSextent : 

4096 

CPU: 

(none) 

Enqlm: 

300 

Pgf Iquo : 

20000 

Authorized  Privileges: 

CMKRNL  CMEXEC  SYSNAM  GRPNAM  ALLSPOOL  DETACH  DIAGNOSE  LOG_IO 
GROUP  ACNT  PRMCEB  PRMMBX  PSWAPM  ALTPRI  SETPRV  TMPMBX  WORLD 
OPER  EXQUOTA  NETMBX  VOLPRO  FHy_IO  BUGCHK  PRMGBL  SYSGBl  MOUNT 
PFNMAP  SHMEM  SYSPRV  BYPASS  SYSLCK  SHARE  GHPPRV  READALL 
SECURITY 


Default  Privileges: 

TMPMBX  NETiiBX 
Identifier 
NEWSMANAGER 
REPOSITORY 
STARSR40 


Value 

%xeooiooo6 

%X8001002C 

%X80010081 


Attributes 

NORESOURCE  NODYNAMIC 
NORESOURCE  NODYNAMIC 
RESOURCE  NODYNAMIC 
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STARSR20 

%X8001007B 

RESOURCE  NODYNA141C 

STARSR20_ 

_QA 

%X8001007E 

NORESOURCE 

NODYNAMIC 

STARSR20_ 

_CM 

%X8001007D 

NORESOURCE 

NODYNAMIC 

STARSR40 

~CM 

%X80010083 

NORESOURCE 

NODYNAMIC 

STARSR40_ 

Iqa 

%X80010084 

NORESOURCE 

NODYNAMIC 

The  system  manager  and  operations  staff  are  privileged  users,  they  may  use  resources  and 
examine  files  not  accessible  to  others.  It  should  be  noted  that  privileged  users  have  a  pa.ssword 
lifetime  of  30  days  instead  of  the  90  days  assigned  to  normal  users.  In  addition,  privileged  users 
receive  the  same  privileges  as  nomial  users  upon  login,  any  special  privileges  must  be  requested 
as  needed.  Identifiers  as  listed  above,  may  be  used  for  controlling  file  ownership  or  in  file  access 
control  lists  (ACLs)  to  control  user  access  to  files. 

Tlie  following  is  an  account  profile  for  more  typical  STARS  user: 

Username:  WARDT  Owner;  TOM  W7VRD 

Account:  STARS  UIC:  [201,76]  ( (STARS, WARDT] ) 

CLI:  DCL  Tables:  DCLTABLES 

Default:  DISKSUSER: [WARDT] 

LGICMD:  LOGIN 

Login  Flags : 

F rimary  days:  Mon  Tue  Wed  Thu  Fri 

Secondary  days:  Sat  Sun 

No  access  restrictions 

Expiration:  (none)  Pwdminimum;  6  Login  Fails:  0 

Pwdlifetime:  90  00:00  Pwdehange:  31-OCT-1989  16:.51 

Last  Login:  15-NOV-1989  06:53  (interactive),  (none) 


Max  jobs : 

0 

Fillm: 

100 

Bytlm: 

20480 

Maxacct jobs : 

0 

Shrf illm: 

0 

Pbytlm; 

0 

Maxdetach : 

0 

BlOIm: 

18 

JTquot  a : 

1024 

Prclm: 

10 

Diolm: 

18 

wsdef : 

]  024 

Prio : 

4 

ASTlm: 

24 

WSquo : 

2048 

Queprio : 

0 

TQEltn: 

10 

WSextent : 

4  0  90 

CPU; 

(none) 

Enqlm: 

300 

Pgf Iquo : 

20000 

Authorized  Privileges: 

TMPMBX  NETMBX 
Default  Privileges: 
TMPMBX  NETMBX 


VMS  has  other  system  parameters  that  control  ihe  maximum  number  of  times  a  login 
failure  may  occur  before  evasive  action  is  taken.  When  the  number  rd  login  fails  is  exceeded,  the 
system  will  disconnect  the  terminal.  For  local  users,  this  has  minimal  impact,  for  dial-up  users,  it 
requires  the  user  to  re-dial  the  number  in  order  to  try  again.  VM.S  allows  for  an  account  to  be 
disabled  for  a  preriod  of  time  after  a  break-in  attempt  is  detected.  Tlris  and  other  related 
parameters  are  controlled  by  the  VAX  system  generation  program,  but  they  rnay  be  changed  at 
any  time.  These  parameters  can  be  set  to  make  break-in  nearly  impo.sjiblc.  For  example,  an 
account  can  be  disabled  for  a  period  of  time  ranging  from  seconds  to  days  after  a  failed  login 
attempt  is  detected.  Restrictive  settings  are  a  hardsliip  on  users  who  forget  their  passwords  or 
have  trouble  connecting  to  the  system;  therefore,  the  system  manager  for  a  VAX^^'MS  computer 
needs  determine  the  optimum  trade  off  between  system  security  and  ease  of  user  access. 
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An  additional  security  feature  has  been  incorporated  into  the  STARS  computer  to 
disconnect  a  user  who  is  inactive  but  remains  logged  on  to  the  system.  A  "watch-dog"  timer 
program  named  TIMEOUT  monitors  activity  by  each  user  and  terminates  the  user  session  if 
there  has  been  no  activity  for  a  period  of  time,  currently  set  at  35  minutes.  Warnings  are  issued  to 
the  user  once  each  minute  for  Ae  five  minute  period  before  the  inactivity  limit  is  reached.  This 
program  helps  prevent  unauthorized  use  of  the  computer  when  a  terminal  is  left  unattended.  The 
duration  of  the  timeout  can  be  changed  by  the  system  manager. 


4.2  Network  Access 


The  STARS  computer  is  connected  to  a  corporate  network  operated  by  Science 
Applications  International  Corporation  (SAIC)  and  to  a  network  operated  by  International 
Business  Macliines  (IBM). 

Tlie  STARS  computer  is  linked  via  an  Ethernet  Local  Area  Network  (LAN)  to  several 
computers  located  at  the  Clearwater,  Florida  facility.  The  STARS  computer  is  connected  to  the 
SAIC  network  through  a  Wide  Area  Network  (WAN)  synchronous  lea.sed  line  through  a  DEC 
model  3100  computer.  The  SAIC  network  is  connected  to  other  computers  used  by  SAIC. 
Message  interchange  with  the  Boeing  repository  is  handled  through  the  internet  via  an  SAIC 
computer  locatcl  in  San  Diego,  California.  The  network  mail  address  for  the  Boeing  computer  is 
SDSC;:"usemame%BONNIE<a)ATC.BOEING.COM".  The  STARS  computer  address  for  the 
Boeing  computer  is  AJlPA.%"usemame%STARS.SPAN(a»SDS.SD$C.EDU". 


ITie  IBM  network  co:jiection  is  via  an  Ethernet  bridge  and  modem  to  IBM’s  Gaithersburg 
office.  This  cormection  allows  access  by  IBM  personnel  to  the  repository  computer  without  using 
slower  dial-up  lines  (see  2.1.3). 


Each  of  these  connections  adds  a  new  risk  element  to  the  STARS  computer.  The  need  to  be 
connected  to  a  network  must  be  weighed  against  the  risk.  For  example,  an  unknown  person 
released  a  worm  on  16  October  1989  to  the  internet  which  targeted  DEC  VAX  computers 
running  the  VMS  operating  system.  The  worm  would  attempt  entry  via  an  internal  list  of 
accounts  and  a  password  guessing  scheme  as  well  as  exploiting  sites  which  had  inadequate 
protection  of  certain  cntical  files.  Nerwork  managers  on  the  internet  shared  information  ohou«  the 
woim’s  operation  and  information  on  protecting  computers  from  attack.  Such  attacks  are 
becoming  more  frequent;  however,  there  is  no  evidence  that  the  STARS  computer  was  ever 
targeted.  The  system  managers  prevent  such  access  by  restricting  access  to  critical  files  and 
protecting  network  accounts  from  unautliorized  use. 


4.3  Physical  Security 

The  STARS  computer  is  housed  in  a  locked  room  within  the  offices  of  Science 
Applications  International.  Keys  are  provided  only  to  the  systems  staff  (Steven  Kutoroff  and 
Leonard  Turton)  and  the  building  management.  Visitors  are  escorted  to  the  room  for  service  and 
repair. 

Power  to  tlie  STARS  computer  is  provided  through  a  Liebert  30  KVA  Unintermptable 
Pov'er  Supply  (UPS).  The  UPS  provides  filtered  and  clean  power  in  spite  of  any  service 
intemptions  to  the  building.  All  electrical  grounds  aie  also  through  the  UPS.  All  STARS 
communications  equipment  is  powered  tlirough  the  same  UPS  as  the  computer  itself.  The  LiPS 
can  provide  for  cominuous  operation  for  up  to  one  hour  on  its  internal  batteries. 
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The  STARS  computer  room  is  air  conditioned  by  two  physically  separate  ait  conditioners, 
one  of  2  ton  capacity  and  the  other  of  6  ton  capacity.  At  all  times  one  air  conditioner  is  set  for 
continuous  air  circulation  and  controls  the  room  teinperature.  The  second  unit  is  adjusted  to  a 
liigher  temperature  with  its  air  handler  set  to  automatic  as  a  backup  to  the  primary  unit.  The  roles 
of  the  two  units  are  periodically  exchanged  by  adjusting  the  thermostat  and  changing  the  fan 
control,  this  ensures  that  the  backup  unit  is  functional.  At  this  time,  neitlier  air  conditioner  has  a 
backup  power  source. 

The  risk  of  fire  is  controlled  by  the  buildings  sprinkler  system.  At  this  time  there  are  no 
interlocks  between  the  building  sprinkler  system  and  the  UPS.  This  is  a  known  risk  which  will  be 
corrected  in  the  future. 

Magnetic  tapes  used  for  backup  purposes  are  stored  both  on  site  and  in  off  site  secure 
storage.  On  site  storage  is  used  for  incremental  (short  term)  backup  tapes  and  for  backups 
waiting  for  delivery  to  the  off  site  location.  The  on  site  storage  facility  is  a  tape  rack  in  the  room 
adjacent  to  the  computer  which  has  the  same  lock  as  the  computer  room. 

Off  site  tape  storage  is  at: 

Archive  Corporation 
3901  W.  Osborne 
Tampa,  FL,  33614 
(313) 874-1577 

The  Arcliive  Corporation  provides  for  secure  storage  of  magnetic  media.  They  will  pick  up  and 
deliver  tapes  upon  request.  This  facility  ensures  survivability  of  the  IBM  Repository  in  case  of 
disaster  on  site. 
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5.  System  Asset  Management 


System  asset  management  not  only  includes  the  physical  asset  of  the  computer  itself,  but 
also  the  information  contained  within  it.  The  hardware  items  are  tracked  using  a  database  of  all 
items  purchased  for  the  contract  along  with  a  property  identification  system  for  each  item 
purchased. 

The  less  tangible  assets  can  be  managed  by  considering  the  following  questions: 

1.  Are  all  the  users  that  have  access  to  the  system  known? 

2.  Should  any  of  these  users  be  deleted? 

3.  Is  all  data  on  the  system  related  to  the  supporting  contract? 

4.  Are  aU  network  paths  documented  and  controlled? 

5.  Are  failed  accesses  reviewed  for  security  breaks? 

6.  Are  users  periodically  informed  of  their  responsibilities? 

7.  Are  system  critical  files  protected  from  general  access? 

8.  Are  limited  access  areas  protected  from  unauthorized  access? 

These  topics  will  be  covered  individually. 


5.1  Are  all  the  users  that  have  access  to  the  system  known? 

The  AUTHORIZE  program  allows  system  managers  to  review,  add,  delete,  and  modify 
accounts  and  attributes  for  each  account  on  the  system.  Ihe  user  list  is  reviewed  periodically  to 
ensure  that  each  user  account  is  known  and  has  appropriate  privileges.  A  separate  database  is 
maintained  with  information  about  users  mail  address,  phone  number,  and  affiliation.  This 
database  includes  all  past  STARS  participants. 

5.2  Should  any  of  these  users  be  deleted? 


ir»uger  associated 


th 


A  report  from  AblTHORIZE  is  periodically  reviewed  for  users  no  1 
the  STARS  program  and  users  whose  accounts  are  inactive.  Irjactive  accounts  are  those  for 
which  the  user  has  not  logged  in  for  a  period  of  90  days,  the  current  value  for  password  lifetime. 
The  system  announcement  message  (see  6.1,1)  warns  users  that  this  may  occur  and  lets  them 
know  tlie  STARS  help  phone  number  should  they  have  a  problem.  At  the  discretion  of  the 
system  manager,  files  belonging  to  users  no  longer  active  in  the  STARS  program  are  either 
deleted  immediately  or  saved  for  six  months  (to  allow  the  user  time  to  rejoin  the  program). 


5.3  Is  aU  data  on  the  system  related  to  the  supporting  contract? 

It  is  not  possible  to  check  all  user  files  for  relationship  to  the  STARS  program,  users  can 
upload  and  download  files  at  will  from  personal  computers  to  STARS.  Since  access  to  the 
STARS  system  is  controlled,  abuse  of  the  system  is  believed  to  be  unlikely. 


5.4  Are  all  network  paths  documented  and  controlled? 


See  the  section  titled  "Security". 


5.5  Aie  failed  accesses  reviev/ed  for  security  breaks? 

Each  break-in  detection  or  failed  access  produces  a  warning  on  the  system  console  a' d  an 
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entry  in  the  operator  log  file.  Procedures  for  searching  the  operator  log  file  and  reponing  break  in 
attempts  are  under  development. 

5 .6  Are  users  periodically  informed  of  their  responsibilities? 

Through  the  message  printed  at  login  users  are  occasionally  reminded  of  the  need  to  change 
passwords.  No  formal  statement  of  responsibilities  is  currently  sent  to  all  active  STARS  users. 

5.7  Are  system  critical  files  protected  from  general  access? 

All  system  critical  files  are  protected  from  general  access  by  controlling  file  ownership  and 
file  access.  System  files  are  owned  by  the  system  account,  as  opposed  to  the  privileged  users 
who  maintain  them.  These  files  have  protection  codes  which  restrict  access  to  those  with  s{>ecial 
privileges  (controlled  by  AUTHORIZE)  and  by  the  system  itself.  The  files  belonging  to  the 
AUTHORIZE  program  itself  are  critical. 

5.8  Are  Umited  access  areas  protected  from  unauthorized  access? 

VAXA^S  provides  a  mechanism  called  the  Access  Control  List  (ACL)  which  may  be 
used  to  limit  access  to  files.  Projects  such  as  Common  Ada  Missile  Packages  (CAMP)  are  given 
a  unique  identifier  which  is  granted  on  an  individual  and  temporary  basis  to  users  needing  access 
to  such  flies.  Access  to  limited  access  files  is  granted  on  a  special  request  basis. 
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6.  User  Interface  Considerations 


6.1  Getting  logged  onto  the  computer 

It  is  important  that  users  have  access  to  information  needed  for  the  support  of  their  work 
that  pertains  to  the  function  being  performed.  For  example,  a  help  message  on  logging  into  the 
computer  is  not  useful  to  a  user  having  trouble  logging  in. 

6.1.1  SYSSANNOUNCE 

The  message  known  by  the  logical  name  SYSSANNOUNCE  is  displayed  for  users  prior  to 
the  USERNAME  prompt  at  login  time.  It  is  used  on  the  STARS  computer  to  provide  the  help 
phone  line  number  should  a  user  have  difficulty  in  logging  in  to  the  computer.  The  message 
warns  users  that  passwords  will  expire  every  90  days. 

IBM  TEAM  STARS  REPOSITORY 

For  system  security,  passwords  are  expired  after  90  days  of  inactivity. 

If  you  experience  any  problems,  please  call  the  help  line. 

(813)  791-9437 

usernarae : 


6  1.2  SYSSWELCOME 

The  welcome  message,  known  by  the  logical  name  SYSSWELCOME,  is  displayed  after 
the  username  and  password  are  verified.  The  message  is  typically  a  welcome  to  the  computer 
system  in  use.  The  message  shown  is  displayed  below: 

IBM  STARS  Team  VAX  3600,  VMS  V4 . 7A 

After  this  message  the  system  informs  the  user  of  the  last  date  and  time  of  interactive  and  batch 
logins.  The  purpose  of  this  information  is  to  allow  users  to  verify  that  this  information  is 
consistent  with  their  use  as  it  provides  a  means  for  users  to  check  that  no  unauthorized  user  is 
logging  in  under  their  account.  If  the  user  has  unread  mail,  the  number  of  unread  messages  is 
displayed  at  this  time. 

6.1.3  NOTICE.TXT 

Notice  is  the  message  displayed  to  the  user  after  successful  logon  that  conveys  information 
about  the  system’s  latest  capabilities  and  informs  the  user  of  new  tools  or  scheduled  downtime. 
The  notice  file  is  also  displayed  in  response  to  the  command  NOllCE  at  the  DCL  (Digital 
Command  Language)  prompt.  A  typical  NOTICE.TXT  file  is  shown  below; 

=====“======»===—===  Last  Edited  13  November  1989  at  1520  EST  •=====  ========•== 

The  IBM  STARS  Team  Repository  may  be  accessed  via  the  following  commands  at 
the  command  prompt : 

$  repos2_2 

—  for  version  2.2  of  the  interface 
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—  NOTE:  this  version  requires  full  VT220  emulation. 

$  repos  windows  I  nonwindows 

—  for  version  2.0  of  the  interface  (obsolete) . 

—  default  is  to  use  windows  mode  unless  terminal  data  rate  is  low 

—  windows  mode  requires  VTIOO  or  VT220  emulation. 

$  reposl 

—  for  version  1.0  of  the  interface  (obsolete) . 

==='=========«'==  IBM  STARS  Team  Help  phone  line  (313)791-9437  =■>====-==««•■=«■« 

AdaMAT  has  been  installed.  Type  ADAMAT  for  an  introduction. 
■•■=■=-=====««>=  For  assistance  call  Len  Turton  or  Steve  Kutoroff  «=«.===!===- 

»=====»=-==»=«===-  Problem  Reports  may  be  mailed  to  'REPOS'  •»«■•—===*=====—== 


The  notice  must  be  changed  in  response  to  new  software,  system  changes,  user  interface 
changes,  and  to  provide  warnings  about  downtime.  The  date  entered  into  the  top  line  lets  users 
know  when  the  file  has  been  updated.  Another  approach  used  for  such  information  is  to  display 
the  notice  file  only  once  after  it  has  been  updated.  The  STARS  system  currently  displays  the 
notice  on  each  login. 


Ill  ilic  aiiovc  cxaiiiplc,  the  iiotiCc  15  uifoiiiiiiig  uSets  that  the  coifiiuon  repository  intcffacc 
softw'are  is  available  in  three  current  versions.  Since  each  of  the  versions  has  certain 
requirements,  such  as  terminal  emulation  requirement,  these  are  noted.  The  software  used  for 
database  access  to  the  repository  is  developed  under  task  IR40  and  is  managed  by  task  IRIO. 
Development  and  maintenance  of  the  repository  database  is  the  responsibility  of  task  1R40,  IRIO 
provides  for  support,  backup,  and  maintenance  of  the  commercial  and  systems  software  used  by 
IR40. 


6.2  Using  the  STARS  Computer 
6.2.1  WAX/VMS  Services 

The  VAXA^S  operating  system  has  a  number  of  features  to  assist  users,  such  a.s  a 
complete  on-line  help  system.  Users  may  type  help  on  a  topic  or  command  from  the  VMS 
prompt  and  get  information  including  examples  at  the  lowest  level.  Many  commands  may  be 
entered  directly  at  tlie  command  line  or  the  user  may  elect  to  enter  a  layered  product  such  as  the 
Ada  compiler’s  library  management  system,  known  as  ACS,  or  the  Configuration  Management 
System  (CMS)  and  work  within  the  product’s  own  command  shell  and  help  environment.  Help  is 
entered  by  typing  HELP  or  HELP  followed  by  topic  or  subject. 


STARS  users  are  given  open  access  to  system  resources  such  as  the  processor  and  creating 
disk  files.  Should  capacity  management  become  a  problem,  the  system  has  facilities  to  manage 
resource  usage  either  through  accounting  or  through  allocation  of  quotas  and  limits.  For  capacity 
man;  jement  VMS  allows  the  assignment  of  disk  quotas  to  a  project  or  to  a  user.  VMS  also 
allows  for  setting  limits  on  total  processor  usage.  Disk  quotas  are  enabled  by  volume,  this  would 
allow  the  management  of  the  disk  space  used  on  the  user  files  disk  (Disk$User:)  without  impact 
on  the  system  or  the  repository  disk  drives.  At  the  cuirent  time,  there  is  no  need  to  manage  disk 
use  on  the  STARS  computer. 

6.2.2  Using  the  Repository 
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The  philosophy  of  the  IBM  Team  repository  is  to  develop  a  customizable  she?'  between  the 
computer  operating  system  and  the  repository  contents.  This  has  been  done  in  a  stepwise  fashion, 
learning  from  the  early  prototypes  and  using  the  experience  to  develop  an  improved  interface. 

The  earliest  interface  consisted  of  a  single  level  menu  programmed  using  the  VAX 
computers  command  language,  Digital  Command  Language  (DCL).  This  inteita*  e  is  available 
by  using  the  command  REPOS  1,  noted  in  the  text  of  the  file  NOTICE.TXT,  described  above. 
TTiis  interface  merely  provided  a  means  to  access  some  of  the  data  and  tools  on  the  repository 
during  the  Q  increment. 

The  next  step  in  repository  f!,;velopment  was  to  create  an  interface  to  an  Oracle  database  of 
the  repository  contents.  This  interface  w-as  coded  in  Ada  using  the  Window_Manager  from  the 
STARS  Foundation  contract  as  its  basis.  The  menus  for  this  interface  were  hard  cooed  in  the 
program.  Later  versions  of  the  software  were  developed  in  which  the  menus  are  defined  in  a  text 
file  which  is  read  into  a  more  general  menu  driver  program  which  provides  the  interface  to  the 
actions  needed  for  each  menu  selection.  The  various  versions  of  this  interface  are  available  by 
typing  REPOS2_2,  REPOS2,  or  REPOS  at  the  DCL  command  prompt,  as  noted  in  the  logon 
message. 

llie  goal  of  these  interfaces  is  to  provide  a  single  access  method  into  the  repository'  and 
therefore  allow  the  database  to  manage  the  contents  independent  of  the  host  operating  system. 
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7.  Repository  Operation 


Operation  of  the  STARS  repository  requires  that  products  of  the  primes  be  obtained,  stored, 
and  distributed.  Changed  and  new  products  from  the  Boeing  repository'  are  delivered  monthly  on 
VAXA7V1S  backup  format  9  track  magnetic  tapes.  Changed  and  new  products  from  Unisys  are 
deli  vered  as  needed  on  VAXA^S  backup  format  9  track  magnetic  tapes.  The  tapes  contents  are 
loaded  onto  the  lepository  when  they  are  delivered. 

CDRL  products  from  IBM  and  its  subcontractors  are  delivered  electronically  by  IBM  to  a 
holding  area  from  which  the  files  are  transferred  to  the  repository.  This  process  has  been  largely 
automated. 


There  have  been  problems  with  the  process,  primarily  with  products  prepared  by  UNIX 
host  computers.  There  are  a  number  of  files  in  the  repository  which  are  in  UNIX  file  format 
rather  than  VMS  file  format.  These  files  cannot  be  read  by  VMS  editors  due  to  the  inclusion  of 
line  feed  characters  at  line  breaks,  a  tool  to  convert  these  files  is  being  prepared.  Other  files  have 
been  delivered  to  the  VAXA'MS  repository  host  which  are  in  binary  executable  and  object 
format.  Such  files  are  deleted  when  found  as  they  cause  unpredictable  effects  on  attached 
teiminals  when  they  are  viewed.  These  problems  are  being  corrected  with  cooperation  by  all 
parties  and  by  changing  supplier  procedures. 


\  ^  4%  .rti  ^  1  A  w  m  9*  nt  I  '  1^'  O 
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and  NEWS.  NOTES  is  a  program  from  DEC  which  allows  people  to  interact  as  if  in  conference 
with  other  users  on  a  topic.  As  such,  NOTES  allows  for  an  individual  to  control  a  topic  under 
discussion  and  limit  interaction  to  certain  people.  The  program  NEWS  is  more  of  an  electronic 
bulletin  board  for  sharing  and  posting  information.  NEWS  has  features  which  allow  for  multiple 
computers  to  exchange  news  items  via  n<'twork  interconnections.  NEWS  is  used  to  exchange 
items  between  the  Boeing  and  IBM  repositories. 
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8.  Repository  Organization 


The  repository  organization  scheme  is  important  for  users  accessing  the  repository  through 
VAX/VMS  commands  or  the  directory  browser  component  of  the  repository  software.  The 
following  diagram  illustrates  the  gross  structure  of  the  directories  in  the  repository.  The  CDRL 
items  for  each  task  are  located  in  Ae  directory  for  the  task,  the  CDRI.,s  are  listed  in  a  later  chan. 


Ada$  : 

[Repository] 

1 

1  1  1 

1  1  1 

ALS  ASR  CAMP 

1 

NOSC^ 

1 

WlS  STARS_Founclation 

1  1  1 
STARS_Prime  SOME  UNITREP 

1 

1 

I 

BOEING 

1 

IBM 

I 

UNISYS 

1 

Workshop^Orientation 

I 

PEER  REVIEWS  BY 

BOEING 

1 

QOl 

1 

00210 

I 

Glossary 

QTASKIO 

Q03 

00320 

0ne_Pager3 

QTASKll 

Q08 

0039C 

Support 

QTASK12 

Q09 

PEER_R£VIEW 

_COMMENTS 

QTASK13 

QIO 

PEER  REVIEW 

_C0.MMENTS_2 

QTASK15 

Q12 

QIO 

QTASK16 

Q13 

013 

QTASK21 

Q15 

Q14 

QTASK24 

016 

017 

QTASK25 

022 

08 

QTASK6 

0X1 

Q9 

QTASK8 

QX2 

RIO 

QTASK9 

QX3 

R20 

RTASKCO 

0X4 

R21 

RTASKIO 

ROO 

R40 

RTASK20 

RIO 

R60 

i 

R2  C 

k64 

RTASK22 

R23A 

R65 

RTASK23 

R40 

R69 

RTASK24 

RQM15 

RTASK.25 

SOO 

RTASK40 

SIO 

RTASK67 

S20 

522 

523 

540 

541 
S66 

TO_BOEING 
TO  IBM 


The  STARS  Prime  CDRLs  are  listed  below  by  director^'  name  in  the  repository.  As  can  be 
seen  below,  each  prime  contractor  uses  a  unique  naming  convention  for  the  directories  which 
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contain  their  CDRL  items. 

Directory  DISKSREPOSITORY : [REPOSITORY . STARS_PRrME . BOEING . QTASKIO ] 

CDRL210 

CDRL220 

CDRL260 

CDRL270 

Directory  DISK$REPOSITORY : [ REPOSITORY . STARS_PRIME . BOEING .QTASKll ] 

CDRL300 

CDRL310 

Directory  DISKS REPOSITORY : [ REPOSITORY . STARS_PRIME . BOEING .QTASK12 ] 
CDRL410 

Directory  DISKSKEPOSITORY : [ REPOSITORY. STARS_PRIME. BOEING. QTASK13] 

ARPS 

ARPS_V1 

CDRL 160 

CDRL470 

CDRL510 

CDRL520 

CORL530 

CDRL540 

CDRL550 

Directory  DISK$REPOSITORY : [REPOS1TORY.STARS_PRIME.BOEING.QTASK15] 

CDRL_1420 

CDRL_1430 

Directory  DISKSREPOSITORY : [REPOSITORY . STARS_PRIME . BOEING . QTASK2 4 ] 

CDRL600 

CDRL610 

CDRL620 

CDRL630 

CDRL650 

CDRL660 

Directory  DISKSREPOSITORY: [REPOSITORY . STARS_FRIME . BOEING .QTASK8 ] 

CDRL140 

CDRL170 

Directory  DISKSREPOSITORY : [REPOSITORY . STARS_PRIME . BOEING . RTASKOO ] 
CDRL710 
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Directory  DISK$REPOSITORY : (REPOSITORY . STARS_PRIME . BOEING . RTASKIO] 
CDRL_810 

Directory  DISK$REPOSITORY : [ REPOSITORY . STARS_PRIM£ . BOEING . RTAGK21 ] 

CDRL_890 

CDRL_910 

Directory  DISK$REPOGITORY : [REPOSITORY . STARS_PRIME . BOEING . rTASK24] 
CDRL_980 

Directory  DISK$REPOSITORY ; [ REPOSITORY . STARS_PRIME . BOEING . RTASK40 J 

CDRL_820 

CDRL_840 

CDRL_860 

Directory  DISKSREPOSITORY : [REPOSITORY . STARS_PRIME . BOEING . RTASK67 ] 
CDRL_1240 

Directory  DISK$BEPOSITORY: [REPOSITORY. STARS_PRIME. IBM. OOl] 

C0080A 

C0080B 

PEER_REVIEW 

Directory  DISK$BEPOSITORY : [REPOSITORY . STARS_PRIME . IBM. 003 ] 

C0090 

COlOO 

COHO 

Directory  DISKSREPOSITORY : [REPOSITORY . STARS_PRIME . IBM. 008 ] 

C0160 

C0170 

C0180 

C0190 

C0220 

C0230 

C0240 

C0270 

C0290 

C0300 

Directory  DISK$REPOSITORY; [ REPOSITORY. STARS_PRIME. IBM. 00 9] 

C0310 
CO  320 
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C0330 

C0340 

C0350 

C0360 

C0370 

C0380 

CC390 

Directory  DISK$REPOSITORY : [ REPOS ITORY.STARS_PRIME. IBM- QIO] 

C0420 

C0430 

C0440 

C0450 

Directory  DISK$REPOSITORY: [REPOSITORY . STARS_PRIME . IBM. Q12] 

C0460 

C0470 

C048G 

C0490 

CUttOO 

C0510 

C0520 

C0530 

Directory  DlSK$.HEPOSITORY :  [ REPOS ITORY.STARS_P RIME.  IBM. Q1 3] 

C0540 

C0550 

C0560 

C0570 

C05S0 

C0590 

C0600 

Directory  DISK$REPOSITORY : [REPOSITORY. STARS_PRIME. IBM. Q15] 

C1230 

C1270A 

C1270B 

Directory  DISKSREPOSITORY: [REPOSITORY. STARS_PRIME. IBM. Q16] 

C0620 

C0630 

C0640 

C0650 

C0660 

C0670 

C0680 

C0630 
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C0700 

C0710 

C0730 

C0740 

C0750 

C0760 

C0770 

C0780 

C0790 

C080C 

C0810 

C0820 

Directory  DISK$REPOSITOKY ; [REPOSITORY . STARS_PKIME . IBM . Q22 j 
C0830 

Directory  DISK$REPOSITORY : [REPOSITORY . STARS_PRIME . IBM . QXl ] 
C0870 

Directory  DISK^KEPOSITOKY  :  [KEPUSiiOKX  .  STAl<t>_PKa.ME  .  lDM.yx2] 

C0880 

C0890 

C0900 

Directory  DISK$REPOSITORY : [REPOSITORY . STARS_PRIME , IBM. QX3] 

C0910 

C0920 

C0930 

C0940 

Directory  DISKSREPOSITORY : [REPOSITORY . STARS_PRIME . IBM. QX4] 

ClOlO 

C1020 

Directory  DISK$REPOSITORY : [REPOSITORY . STARS_PRIME . IBM . ROO] 

C1280 

C1320 

C1392 

MONTHLY_PROGRESS_REPORT 

Directory  DISKSREPOSITORY : [REPOSITORY . ST?U^S_PRIME . IBM. RlO] 

C1430B 

C1430C 

Directory  DISK$REPOSITORY : [REPOSITORY. STARS_PRIME . IBM. R20] 
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C1500A 

C1500B 

C1510A 

Directory  DISK$REPOSITORY  :  [REPOSITORY  .  STARS_PRII-1E ,  IBM.  R2 3 A] 

C2030 

C2040 

Directory  DISK$REPOSITORY : [REPOSITORY. STARS_PRIME. IBM. R40] 

CI540 

C1560B 

C1560C 

C1570A 

C1570B 

C1570C 

C1600A 

C1600B 


4^  xi.  i.  utN.VC\oc  VO  x  x'^iNX  •  [  isXtc  VO  X  i- vi\x  •  o  Idxw  X  &\XVXU  •  O I*  X  u/ X  >-/  •  W ■**  V  J 


00380__DOC 
00400_ADA 
00410  ADA 


Directory  DISK$r.EPOSITORY: [REPOSITORY. STARS_PRIME. UNISYS. Q13] 
00460_ADA 

Directory  DISK$REPOSITORY : [REPOSITORY. STARS_PRIME. UNISYS .Q14] 

00490_ADA 
02014_001__00 
02014  002  00 


Directory  DISK$REPOSITORY : [REPOSITORY . STARS_PRIME .UNISYS .Q17 ] 


00540_ADA 

Directory  D1SK$REP0SIT0RY ; [REPOSITORY .STARS_PRIME.UNISYS .Q8] 


00190_ADA 

00220_ADA 

00240_ADA 

00260_ADA 

00280_ADA 

Directory  DISKSREPOSITORY : [REPOSITORY . STARS_PRIME . UNISYS .Q9 ] 


00330  ADA 


22 


CDRL  1440 


Directory  DISK$REPOSITORY : [REPOSITORY . STARS_FRIME . UNISYS .R20] 
ACE 

CAIS_A 

UI 
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9.  Future 


9.1  Software 


9.1.1  STARS  Software 

In  llie  future  the  repository  will  continue  to  receive  updated  user  access  software  from  task 
IR40.  This  software  will  incorporate  improved  access  and  retrieval  methods.  In  addition,  new 
features  for  identifying  STARS  users  and  their  addresses  are  plaimed  as  well  as  improvements  in 
user  feedback  and  problem  reporting. 

9.1.2  Commercial  Software 


The  repository  will  be  updated  from  VMS  4.7A  to  VMS  5.2  as  soon  as  feasible  once  the 
time,  materials,  and  user  impacts  have  been  coordinated.  There  is  always  concern  that  a  new 
version  of  the  operating  system  will  cause  problems  with  other  software,  such  as  the  Oracle 
RDBMS  and  AdaMAT.  The  upgrade  may  impact  the  STARS  access  software  through  changes  in 
the  runtime  environment  or  the  Oracle  RDBMS  interface  software.  The  impact  of  this  upgrade 
are  under  investigation  at  the  present  time. 


i>vi-iwaiv 
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version  1 .5  to  version  2.0.  The  extent  of  the  changes  to  the  compiler  are  currently  unknown 


Upgrading 


- 

IIJC 
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There  is  interest  in  adding  a  commercial  SGML  processing  capability  to  the  repository. 
Task  IR65  is  investigating  the  cost  and  benefits  of  products  from  DataLogics  and  Software 
Exoterica  for  SGML  processing. 


9.2  Tele-Communications 


Improvements  in  remote  access  are  being  considered.  Tymnet,  Telenet,  and  expanded  800 
number  coverage  are  some  of  the  options.  "800"  service  is  most  economical  at  the  lower  range  of 
use  and  use  of  a  network  service  is  more  effective  at  the  higher  volumes.  At  the  current  rate  of 
use,  800  service  is  the  most  cost  effective  route. 

Additionally,  the  cost  and  utility  of  connecting  the  STARS  computer  to  the  regional 
networks  is  now  being  investigated. 
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APPENDIX  A. 

APPENDIX:  Backup  Procedures 


Backup  procedures  are  intended  to  ensure  recovery  of  user  and  system  files  in  the  event  of 
a  system  failure  that  results  in  loss  of  disk  file  system  integrity.  The  STARS  repository  contains 
three  disk  volumes:  system,  user,  and  the  repository.  The  system  and  repository'  disks  are 
relatively  static,  i.e.  significant  changes  occur  periodically,  not  daily.  The  user  disk  has  file 
changes  on  a  daily  basis. 

A.l  System  Disk  -  STARS$DUA0: 

The  system  disk  has  a  STANDALONE  backup  performed  eveiy  three  months  or  more 
frequently  in  the  event  the  system  disk  is  modified,  such  as  the  installation  or  upgrade  of  a 
software  product.  A  new  standalone  must  be  performed  to  insure  an  updated  backup  copy  after 
any  such  additions  to  the  system  disk. 

The  concept  of  a  STANDALONE  backup  is  to  boot  the  system  to  a  running  minimal 
operating  system  with  no  users.  The  minimal  system  files  are  loaded  into  memory  such  that  no 
files  are  open  on  the  system  disk  to  ensure  that  an  accurate  image  of  the  operating  system  is 
placed  on  the  tape. 

A.2  User  Disk  -  STARS$DUA1: 

The  user  disk  has  a  full  backup  performed  evei^  two  weeks.  The  full  backup  procedure  also 
performs  the  record  function  in  which  the  date  of  the  file  backed  up  is  recorded  on  disk.  Between 
the  full  backups  a  daily  incremental  backup  is  performed  at  2000  hours  each  night.  The 
incremental  procedure  backs  up  any  files  that  have  been  modified,  created,  or  accessed  since  the 
last  recorded  full  backup. 

A.3  Repository  -  STARS$DUA2:  <&  STARS$DUA3: 

The  repository  disk  is  much  like  the  system  disk.  The  contents  of  the  repository  do  not 
change  on  a  daily  basis.  A  full  backup  procedure  is  performed  every  2  months  or  when  any 
products  have  been  changed.  The  record  option  is  also  used  on  the  repository  full  backup.  An 
incremental  backup  procedure  is  performed  once  a  week  to  insure  dl  modified,  created,  or 
accessed  files  have  been  saved  to  tape. 

A  full  backup  of  the  repositoiy  contents  currently  requires  seven  12  inch  magnetic  tapes 
recorded  at  6250  bits  per  inch. 
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APPENDIX  B. 

APPENDIX;  Adding  New  Users 


To  add  a  new  user  to  the  STARS  system,  the  following  steps  are  performed; 

1 .  Obtain  following  information  about  user;  First  N ame,  Last  Name,  Address,  and  Phone 
Number. 

2.  Execute  the  (S)  ADDUSER  command  procedure.  This  is  the  procedure  set  up  to  assist 
in  adding  a  new  user  to  the  system.  An  alternate  method  is  to  execute  AUTHORIZE  utility 
and  perform  the  task  manually.  The  ADDUSER  command  procedure  pciforms  all  required 
steps  while  using  a  default  account  as  reference.  A  new  user  is  assigned  a  unique  account 
name,  a  user  identification  code  (UIC),  a  temporary  password,  and  a  working  directory. 

3.  Add  the  new  user  information  into  the  STARS  repository  users  reference  Ust. 

4.  Inform  user  by  phone  that  his  or  her  account  is  available.  The  new  user  will 
automatically  be  forced  to  change  the  temporary  password  that  was  initially  assigned  to 
them. 
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APPENDIX  C. 

APPENDIX;  Expired  User  Account  Management 


A  user  account  is  expired  due  to  inactivity  oi  due  to  a  change  in  status  as  a  STARS  user. 

The  procedure  to  expire  users  is  as  follows; 

1 .  First  the  user  authorize  file  is  checked  for  inactivity  for  a  period  of  more  then  90  days. 
This  is  done  monthly;  however,  the  chief  programmer  may  use  discretion  in  terminating 
access  to  accounts. 

2.  If  the  account  has  been  inactive  for  more  than  90  days  the  DISUSER,  and  DISMAIL 
flags  are  set  on  the  account  using  the  AUTHORIZE  utility.  These  flags  block  the  user  from 
logging  into  the  account  or  receiving  mail.  The  DISUSER  flag  prevents  the  user  from 
logging  onto  the  computer  even  if  the  proper  password  is  provided,  this  cannot  be 
distinguished  from  using  the  wrong  password  on  the  accoimt.  At  anytime  the  user  account 
may  be  modified  to  allow  the  user  access  to  the  system  by  removing  the  flags  from  the 
authorize  file.  A  user  who  has  been  expired  and  requires  access  to  the  system  need  merely 
call  and  tlie  account  can  be  enabled. 
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APPENDIX  D. 

APPENDIX:  Terminated  User  Account  Management 


Access  to  the  STARS  computer  is  restricted  to  persons  actively  working  on  STARS 
projects  through  the  program  office,  contractors,  or  subcontractors.  STARS  access  is  terminated 
when  tlie  user  no  longer  qualifies  and  when  such  notification  is  provided  to  the  chief 
programmer  for  task  IR 10.  The  procedure  for  a  terminated  user  is  as  follows: 

1.  Remove  the  USERNAME  form  the  system  authorize  file.  This  is  performed  by 
running  the  AUTHORIZE  utility  and  entering  "REMOVE  useniame".  This  command 
removes  the  user  from  the  AUTHORIZE  database. 

2.  Archive  the  user  account.  This  is  done  by  using  the  BACKUP  utility.  The  files 
associated  with  the  user  are  copied  onto  tape  and  saved  for  6  months.  If  the  users  total  disk 
space  is  limited  the  files  may  be  deleted  entirely  from  the  system  or  they  may  be  kept  on  disk 
rather  than  placing  them  on  tape.  If  the  user  is  to  be  reinstated,  the  user’s  files  can  be 
restored. 

3 .  Any  V AXNotes  discussions  owned  by  the  individual  will  need  to  have  their  ownership 
corrected. 

4.  The  database  of  user  information  will  have  to  be  updated. 
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